Hot!Bulk create local guest users and sync between multiple fortigates

Author
sossie
New Member
  • Total Posts : 2
  • Scores: 0
  • Reward points: 0
  • Joined: 2020/05/27 19:11:03
  • Status: offline
2020/08/27 20:52:43 (permalink)
0

Bulk create local guest users and sync between multiple fortigates

Hi all,
 
I'm using a Fortigate 100F with Captive portal for a guest wifi, it works ok. We are not using FortiAP's so I can't use all the captive portal features available with FortiAP's.
 
I now have a 2nd site which also has a Fortigate firewall and guest wifi so what I would like to do is sync the guest users between the two fortigates. 
 
So I would like to know, can I somehow export the local users from Fortigate1 and import them into Fortigate2 including the password?
 
Anyone know how I can do that with a script or API?
 
Cheers, Simon
#1

2 Replies Related Threads

    sw2090
    Expert Member
    • Total Posts : 751
    • Scores: 56
    • Reward points: 0
    • Joined: 2017/06/14 01:27:25
    • Location: Regensburg
    • Status: offline
    Re: Bulk create local guest users and sync between multiple fortigates 2020/08/27 23:50:42 (permalink)
    0
    you could exec an ssh session that executes "show user local" on the 100F. This outputs the complete part of the config that has all user that exist local on that fgt.
    then you could exec an ssh session on Site 2 FGT and execute this as config script (just has to exec all commands that "show user local" outputted top down).
    you could do this programmatically of course. Then you just need to set up some scheduling to exec this regularly.
     
    The only other ways I know would be to use a fortimanager and either have both FGT use the same policy package (then they also share the users) or have the users in global db and assign that to the adom your FGT are in. But I guess in your case that'd be overkill...
    #2
    sw2090
    Expert Member
    • Total Posts : 751
    • Scores: 56
    • Reward points: 0
    • Joined: 2017/06/14 01:27:25
    • Location: Regensburg
    • Status: offline
    Re: Bulk create local guest users and sync between multiple fortigates 2020/08/27 23:52:36 (permalink)
    0
    btw I just see the output of "show user local" is missing the last "end".
    It should be added to close user config mode after adding the last user.
     
    incorrect because I hit ctrl-c instead of letting the output finish.
    Maybe doing this using scp (then you have to enable admin-scp on the FGTs) is even the better plan.
    post edited by sw2090 - 2020/08/27 23:54:58
    #3
    Jump to:
    © 2020 APG vNext Commercial Version 5.5